[SOLVED] Vpn connection reset

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
View previous topic :: View next topic  
Author Message
ray.rick.mini
DD-WRT Novice


Joined: 16 Mar 2011
Posts: 31
PostPosted: Fri Mar 25, 2011 11:58    Post subject: [SOLVED] Vpn connection reset Reply with quote
Hi everybody.
I'm trying to connect my server through a webproxy on a linux machine.Server&client are in TCP mode, the connection is estabilished, but it reset after a while.
Unfortunely i can't see server logs right now, but I can post client log in verbose 5 mode.
Any ideas? It is something I can resolve without put hands on the server?

Thanks a lot.


Fri Mar 25 12:44:47 2011 us=366580 Current Parameter Settings:
Fri Mar 25 12:44:47 2011 us=366732 config = 'client.conf'
Fri Mar 25 12:44:47 2011 us=366762 mode = 0
Fri Mar 25 12:44:47 2011 us=366788 persist_config = DISABLED
Fri Mar 25 12:44:47 2011 us=366813 persist_mode = 1
Fri Mar 25 12:44:47 2011 us=366837 show_ciphers = DISABLED
Fri Mar 25 12:44:47 2011 us=366862 show_digests = DISABLED
Fri Mar 25 12:44:47 2011 us=366887 show_engines = DISABLED
Fri Mar 25 12:44:47 2011 us=366911 genkey = DISABLED
Fri Mar 25 12:44:47 2011 us=366934 key_pass_file = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=366959 show_tls_ciphers = DISABLED
Fri Mar 25 12:44:47 2011 us=366983 Connection profiles [default]:
Fri Mar 25 12:44:47 2011 us=367008 proto = tcp-client
Fri Mar 25 12:44:47 2011 us=367032 local = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=367056 local_port = 0
Fri Mar 25 12:44:47 2011 us=367080 remote = 'xxxxxxxx.blabla-bla.net'
Fri Mar 25 12:44:47 2011 us=367106 remote_port = 443
Fri Mar 25 12:44:47 2011 us=367130 remote_float = ENABLED
Fri Mar 25 12:44:47 2011 us=367154 bind_defined = DISABLED
Fri Mar 25 12:44:47 2011 us=367179 bind_local = DISABLED
Fri Mar 25 12:44:47 2011 us=367204 connect_retry_seconds = 5
Fri Mar 25 12:44:47 2011 us=367228 connect_timeout = 10
Fri Mar 25 12:44:47 2011 us=367253 connect_retry_max = 0
Fri Mar 25 12:44:47 2011 us=367277 BEGIN http_proxy
Fri Mar 25 12:44:47 2011 us=367300 server = 'localhost'
Fri Mar 25 12:44:47 2011 us=367325 port = 3128
Fri Mar 25 12:44:47 2011 us=367349 auth_method_string = 'none'
Fri Mar 25 12:44:47 2011 us=367373 auth_file = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=367397 retry = DISABLED
Fri Mar 25 12:44:47 2011 us=367422 timeout = 5
Fri Mar 25 12:44:47 2011 us=367445 http_version = '1.0'
Fri Mar 25 12:44:47 2011 us=367470 user_agent = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=367494 END http_proxy
Fri Mar 25 12:44:47 2011 us=367518 socks_proxy_server = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=367543 socks_proxy_port = 0
Fri Mar 25 12:44:47 2011 us=367566 socks_proxy_retry = DISABLED
Fri Mar 25 12:44:47 2011 us=367593 Connection profiles END
Fri Mar 25 12:44:47 2011 us=367617 remote_random = DISABLED
Fri Mar 25 12:44:47 2011 us=367641 ipchange = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=367666 dev = 'tap0'
Fri Mar 25 12:44:47 2011 us=367690 dev_type = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=367713 dev_node = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=367738 lladdr = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=367762 topology = 1
Fri Mar 25 12:44:47 2011 us=367786 tun_ipv6 = DISABLED
Fri Mar 25 12:44:47 2011 us=367811 ifconfig_local = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=367835 ifconfig_remote_netmask = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=367859 ifconfig_noexec = DISABLED
Fri Mar 25 12:44:47 2011 us=367883 ifconfig_nowarn = DISABLED
Fri Mar 25 12:44:47 2011 us=367907 shaper = 0
Fri Mar 25 12:44:47 2011 us=367932 tun_mtu = 1500
Fri Mar 25 12:44:47 2011 us=367956 tun_mtu_defined = ENABLED
Fri Mar 25 12:44:47 2011 us=367980 link_mtu = 1500
Fri Mar 25 12:44:47 2011 us=368005 link_mtu_defined = DISABLED
Fri Mar 25 12:44:47 2011 us=368028 tun_mtu_extra = 32
Fri Mar 25 12:44:47 2011 us=368053 tun_mtu_extra_defined = ENABLED
Fri Mar 25 12:44:47 2011 us=368077 fragment = 0
Fri Mar 25 12:44:47 2011 us=368101 mtu_discover_type = -1
Fri Mar 25 12:44:47 2011 us=368125 mtu_test = 0
Fri Mar 25 12:44:47 2011 us=368149 mlock = DISABLED
Fri Mar 25 12:44:47 2011 us=368173 keepalive_ping = 0
Fri Mar 25 12:44:47 2011 us=368198 keepalive_timeout = 0
Fri Mar 25 12:44:47 2011 us=368222 inactivity_timeout = 0
Fri Mar 25 12:44:47 2011 us=368246 ping_send_timeout = 0
Fri Mar 25 12:44:47 2011 us=368270 ping_rec_timeout = 0
Fri Mar 25 12:44:47 2011 us=368294 ping_rec_timeout_action = 0
Fri Mar 25 12:44:47 2011 us=368318 ping_timer_remote = DISABLED
Fri Mar 25 12:44:47 2011 us=368343 remap_sigusr1 = 0
Fri Mar 25 12:44:47 2011 us=368367 explicit_exit_notification = 0
Fri Mar 25 12:44:47 2011 us=368391 persist_tun = ENABLED
Fri Mar 25 12:44:47 2011 us=368439 persist_local_ip = DISABLED
Fri Mar 25 12:44:47 2011 us=368465 persist_remote_ip = DISABLED
Fri Mar 25 12:44:47 2011 us=368489 persist_key = ENABLED
Fri Mar 25 12:44:47 2011 us=368514 mssfix = 1450
Fri Mar 25 12:44:47 2011 us=368537 passtos = DISABLED
Fri Mar 25 12:44:47 2011 us=368562 resolve_retry_seconds = 1000000000
Fri Mar 25 12:44:47 2011 us=368587 username = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=368610 groupname = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=368635 chroot_dir = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=368659 cd_dir = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=368683 writepid = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=368708 up_script = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=368732 down_script = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=368755 down_pre = DISABLED
Fri Mar 25 12:44:47 2011 us=368780 up_restart = DISABLED
Fri Mar 25 12:44:47 2011 us=368804 up_delay = DISABLED
Fri Mar 25 12:44:47 2011 us=368833 daemon = DISABLED
Fri Mar 25 12:44:47 2011 us=368858 inetd = 0
Fri Mar 25 12:44:47 2011 us=368882 log = DISABLED
Fri Mar 25 12:44:47 2011 us=368907 suppress_timestamps = DISABLED
Fri Mar 25 12:44:47 2011 us=368931 nice = 0
Fri Mar 25 12:44:47 2011 us=368956 verbosity = 5
Fri Mar 25 12:44:47 2011 us=368980 mute = 0
Fri Mar 25 12:44:47 2011 us=369004 gremlin = 0
Fri Mar 25 12:44:47 2011 us=369028 status_file = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=369052 status_file_version = 1
Fri Mar 25 12:44:47 2011 us=369076 status_file_update_freq = 60
Fri Mar 25 12:44:47 2011 us=369100 occ = ENABLED
Fri Mar 25 12:44:47 2011 us=369125 rcvbuf = 65536
Fri Mar 25 12:44:47 2011 us=369148 sndbuf = 65536
Fri Mar 25 12:44:47 2011 us=369173 sockflags = 0
Fri Mar 25 12:44:47 2011 us=369198 fast_io = DISABLED
Fri Mar 25 12:44:47 2011 us=369223 lzo = 0
Fri Mar 25 12:44:47 2011 us=369247 route_script = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=369271 route_default_gateway = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=369296 route_default_metric = 0
Fri Mar 25 12:44:47 2011 us=369319 route_noexec = DISABLED
Fri Mar 25 12:44:47 2011 us=369344 route_delay = 0
Fri Mar 25 12:44:47 2011 us=369368 route_delay_window = 30
Fri Mar 25 12:44:47 2011 us=369393 route_delay_defined = DISABLED
Fri Mar 25 12:44:47 2011 us=369418 route_nopull = DISABLED
Fri Mar 25 12:44:47 2011 us=369442 route_gateway_via_dhcp = DISABLED
Fri Mar 25 12:44:47 2011 us=369467 max_routes = 100
Fri Mar 25 12:44:47 2011 us=369491 allow_pull_fqdn = DISABLED
Fri Mar 25 12:44:47 2011 us=369516 management_addr = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=369540 management_port = 0
Fri Mar 25 12:44:47 2011 us=369565 management_user_pass = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=369590 management_log_history_cache = 250
Fri Mar 25 12:44:47 2011 us=369614 management_echo_buffer_size = 100
Fri Mar 25 12:44:47 2011 us=369639 management_write_peer_info_file = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=369663 management_client_user = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=369688 management_client_group = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=369712 management_flags = 0
Fri Mar 25 12:44:47 2011 us=369736 shared_secret_file = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=369761 key_direction = 0
Fri Mar 25 12:44:47 2011 us=369785 ciphername_defined = ENABLED
Fri Mar 25 12:44:47 2011 us=369810 ciphername = 'BF-CBC'
Fri Mar 25 12:44:47 2011 us=369834 authname_defined = ENABLED
Fri Mar 25 12:44:47 2011 us=369859 authname = 'SHA1'
Fri Mar 25 12:44:47 2011 us=369883 prng_hash = 'SHA1'
Fri Mar 25 12:44:47 2011 us=369908 prng_nonce_secret_len = 16
Fri Mar 25 12:44:47 2011 us=369932 keysize = 0
Fri Mar 25 12:44:47 2011 us=369956 engine = DISABLED
Fri Mar 25 12:44:47 2011 us=369981 replay = ENABLED
Fri Mar 25 12:44:47 2011 us=370005 mute_replay_warnings = DISABLED
Fri Mar 25 12:44:47 2011 us=370030 replay_window = 64
Fri Mar 25 12:44:47 2011 us=370054 replay_time = 15
Fri Mar 25 12:44:47 2011 us=370078 packet_id_file = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=370103 use_iv = ENABLED
Fri Mar 25 12:44:47 2011 us=370150 test_crypto = DISABLED
Fri Mar 25 12:44:47 2011 us=370175 tls_server = DISABLED
Fri Mar 25 12:44:47 2011 us=370199 tls_client = ENABLED
Fri Mar 25 12:44:47 2011 us=370242 key_method = 2
Fri Mar 25 12:44:47 2011 us=370267 ca_file = '/etc/openvpn/ca.crt'
Fri Mar 25 12:44:47 2011 us=370291 ca_path = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=370316 dh_file = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=370341 cert_file = '/etc/openvpn/client.crt'
Fri Mar 25 12:44:47 2011 us=370365 priv_key_file = '/etc/openvpn/client.key'
Fri Mar 25 12:44:47 2011 us=370390 pkcs12_file = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=370414 cipher_list = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=370439 tls_verify = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=370464 tls_remote = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=370488 crl_file = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=370512 ns_cert_type = 64
Fri Mar 25 12:44:47 2011 us=370538 remote_cert_ku[i] = 0
Fri Mar 25 12:44:47 2011 us=370563 remote_cert_ku[i] = 0
Fri Mar 25 12:44:47 2011 us=370587 remote_cert_ku[i] = 0
Fri Mar 25 12:44:47 2011 us=370612 remote_cert_ku[i] = 0
Fri Mar 25 12:44:47 2011 us=370637 remote_cert_ku[i] = 0
Fri Mar 25 12:44:47 2011 us=370662 remote_cert_ku[i] = 0
Fri Mar 25 12:44:47 2011 us=370686 remote_cert_ku[i] = 0
Fri Mar 25 12:44:47 2011 us=370710 remote_cert_ku[i] = 0
Fri Mar 25 12:44:47 2011 us=370735 remote_cert_ku[i] = 0
Fri Mar 25 12:44:47 2011 us=370758 remote_cert_ku[i] = 0
Fri Mar 25 12:44:47 2011 us=370783 remote_cert_ku[i] = 0
Fri Mar 25 12:44:47 2011 us=370807 remote_cert_ku[i] = 0
Fri Mar 25 12:44:47 2011 us=370831 remote_cert_ku[i] = 0
Fri Mar 25 12:44:47 2011 us=370857 remote_cert_ku[i] = 0
Fri Mar 25 12:44:47 2011 us=370881 remote_cert_ku[i] = 0
Fri Mar 25 12:44:47 2011 us=370906 remote_cert_ku[i] = 0
Fri Mar 25 12:44:47 2011 us=370929 remote_cert_eku = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=370954 tls_timeout = 2
Fri Mar 25 12:44:47 2011 us=370978 renegotiate_bytes = 0
Fri Mar 25 12:44:47 2011 us=371002 renegotiate_packets = 0
Fri Mar 25 12:44:47 2011 us=371027 renegotiate_seconds = 3600
Fri Mar 25 12:44:47 2011 us=371052 handshake_window = 60
Fri Mar 25 12:44:47 2011 us=371076 transition_window = 3600
Fri Mar 25 12:44:47 2011 us=371099 single_session = DISABLED
Fri Mar 25 12:44:47 2011 us=371124 push_peer_info = DISABLED
Fri Mar 25 12:44:47 2011 us=371148 tls_exit = DISABLED
Fri Mar 25 12:44:47 2011 us=371172 tls_auth_file = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=371197 pkcs11_protected_authentication = DISABLED
Fri Mar 25 12:44:47 2011 us=371222 pkcs11_protected_authentication = DISABLED
Fri Mar 25 12:44:47 2011 us=371246 pkcs11_protected_authentication = DISABLED
Fri Mar 25 12:44:47 2011 us=371271 pkcs11_protected_authentication = DISABLED
Fri Mar 25 12:44:47 2011 us=371295 pkcs11_protected_authentication = DISABLED
Fri Mar 25 12:44:47 2011 us=371320 pkcs11_protected_authentication = DISABLED
Fri Mar 25 12:44:47 2011 us=371344 pkcs11_protected_authentication = DISABLED
Fri Mar 25 12:44:47 2011 us=371368 pkcs11_protected_authentication = DISABLED
Fri Mar 25 12:44:47 2011 us=371393 pkcs11_protected_authentication = DISABLED
Fri Mar 25 12:44:47 2011 us=371418 pkcs11_protected_authentication = DISABLED
Fri Mar 25 12:44:47 2011 us=371442 pkcs11_protected_authentication = DISABLED
Fri Mar 25 12:44:47 2011 us=371466 pkcs11_protected_authentication = DISABLED
Fri Mar 25 12:44:47 2011 us=371491 pkcs11_protected_authentication = DISABLED
Fri Mar 25 12:44:47 2011 us=371515 pkcs11_protected_authentication = DISABLED
Fri Mar 25 12:44:47 2011 us=371540 pkcs11_protected_authentication = DISABLED
Fri Mar 25 12:44:47 2011 us=371564 pkcs11_protected_authentication = DISABLED
Fri Mar 25 12:44:47 2011 us=371590 pkcs11_private_mode = 00000000
Fri Mar 25 12:44:47 2011 us=371615 pkcs11_private_mode = 00000000
Fri Mar 25 12:44:47 2011 us=371640 pkcs11_private_mode = 00000000
Fri Mar 25 12:44:47 2011 us=371665 pkcs11_private_mode = 00000000
Fri Mar 25 12:44:47 2011 us=371711 pkcs11_private_mode = 00000000
Fri Mar 25 12:44:47 2011 us=371737 pkcs11_private_mode = 00000000
Fri Mar 25 12:44:47 2011 us=371762 pkcs11_private_mode = 00000000
Fri Mar 25 12:44:47 2011 us=371787 pkcs11_private_mode = 00000000
Fri Mar 25 12:44:47 2011 us=371811 pkcs11_private_mode = 00000000
Fri Mar 25 12:44:47 2011 us=371836 pkcs11_private_mode = 00000000
Fri Mar 25 12:44:47 2011 us=371861 pkcs11_private_mode = 00000000
Fri Mar 25 12:44:47 2011 us=371886 pkcs11_private_mode = 00000000
Fri Mar 25 12:44:47 2011 us=371911 pkcs11_private_mode = 00000000
Fri Mar 25 12:44:47 2011 us=371936 pkcs11_private_mode = 00000000
Fri Mar 25 12:44:47 2011 us=371960 pkcs11_private_mode = 00000000
Fri Mar 25 12:44:47 2011 us=371985 pkcs11_private_mode = 00000000
Fri Mar 25 12:44:47 2011 us=372010 pkcs11_cert_private = DISABLED
Fri Mar 25 12:44:47 2011 us=372034 pkcs11_cert_private = DISABLED
Fri Mar 25 12:44:47 2011 us=372058 pkcs11_cert_private = DISABLED
Fri Mar 25 12:44:47 2011 us=372083 pkcs11_cert_private = DISABLED
Fri Mar 25 12:44:47 2011 us=372107 pkcs11_cert_private = DISABLED
Fri Mar 25 12:44:47 2011 us=372132 pkcs11_cert_private = DISABLED
Fri Mar 25 12:44:47 2011 us=372156 pkcs11_cert_private = DISABLED
Fri Mar 25 12:44:47 2011 us=372181 pkcs11_cert_private = DISABLED
Fri Mar 25 12:44:47 2011 us=372205 pkcs11_cert_private = DISABLED
Fri Mar 25 12:44:47 2011 us=372230 pkcs11_cert_private = DISABLED
Fri Mar 25 12:44:47 2011 us=372254 pkcs11_cert_private = DISABLED
Fri Mar 25 12:44:47 2011 us=372279 pkcs11_cert_private = DISABLED
Fri Mar 25 12:44:47 2011 us=372304 pkcs11_cert_private = DISABLED
Fri Mar 25 12:44:47 2011 us=372328 pkcs11_cert_private = DISABLED
Fri Mar 25 12:44:47 2011 us=372352 pkcs11_cert_private = DISABLED
Fri Mar 25 12:44:47 2011 us=372376 pkcs11_cert_private = DISABLED
Fri Mar 25 12:44:47 2011 us=372401 pkcs11_pin_cache_period = -1
Fri Mar 25 12:44:47 2011 us=372426 pkcs11_id = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=372450 pkcs11_id_management = DISABLED
Fri Mar 25 12:44:47 2011 us=372489 server_network = 0.0.0.0
Fri Mar 25 12:44:47 2011 us=372517 server_netmask = 0.0.0.0
Fri Mar 25 12:44:47 2011 us=372544 server_bridge_ip = 0.0.0.0
Fri Mar 25 12:44:47 2011 us=372571 server_bridge_netmask = 0.0.0.0
Fri Mar 25 12:44:47 2011 us=372598 server_bridge_pool_start = 0.0.0.0
Fri Mar 25 12:44:47 2011 us=372625 server_bridge_pool_end = 0.0.0.0
Fri Mar 25 12:44:47 2011 us=372650 ifconfig_pool_defined = DISABLED
Fri Mar 25 12:44:47 2011 us=372675 ifconfig_pool_start = 0.0.0.0
Fri Mar 25 12:44:47 2011 us=372702 ifconfig_pool_end = 0.0.0.0
Fri Mar 25 12:44:47 2011 us=372728 ifconfig_pool_netmask = 0.0.0.0
Fri Mar 25 12:44:47 2011 us=372754 ifconfig_pool_persist_filename = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=372778 ifconfig_pool_persist_refresh_freq = 600
Fri Mar 25 12:44:47 2011 us=372802 n_bcast_buf = 256
Fri Mar 25 12:44:47 2011 us=372826 tcp_queue_limit = 64
Fri Mar 25 12:44:47 2011 us=372850 real_hash_size = 256
Fri Mar 25 12:44:47 2011 us=372875 virtual_hash_size = 256
Fri Mar 25 12:44:47 2011 us=372898 client_connect_script = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=372923 learn_address_script = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=372947 client_disconnect_script = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=372972 client_config_dir = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=372996 ccd_exclusive = DISABLED
Fri Mar 25 12:44:47 2011 us=373020 tmp_dir = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=373045 push_ifconfig_defined = DISABLED
Fri Mar 25 12:44:47 2011 us=373072 push_ifconfig_local = 0.0.0.0
Fri Mar 25 12:44:47 2011 us=373099 push_ifconfig_remote_netmask = 0.0.0.0
Fri Mar 25 12:44:47 2011 us=373124 enable_c2c = DISABLED
Fri Mar 25 12:44:47 2011 us=373148 duplicate_cn = DISABLED
Fri Mar 25 12:44:47 2011 us=373172 cf_max = 0
Fri Mar 25 12:44:47 2011 us=373196 cf_per = 0
Fri Mar 25 12:44:47 2011 us=373220 max_clients = 1024
Fri Mar 25 12:44:47 2011 us=373245 max_routes_per_client = 256
Fri Mar 25 12:44:47 2011 us=373292 auth_user_pass_verify_script = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=373317 auth_user_pass_verify_script_via_file = DISABLED
Fri Mar 25 12:44:47 2011 us=373342 ssl_flags = 0
Fri Mar 25 12:44:47 2011 us=373366 port_share_host = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=373390 port_share_port = 0
Fri Mar 25 12:44:47 2011 us=373414 client = ENABLED
Fri Mar 25 12:44:47 2011 us=373438 pull = ENABLED
Fri Mar 25 12:44:47 2011 us=373463 auth_user_pass_file = '[UNDEF]'
Fri Mar 25 12:44:47 2011 us=373491 OpenVPN 2.1.3 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Oct 21 2010
Fri Mar 25 12:44:47 2011 us=373654 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Fri Mar 25 12:44:47 2011 us=374397 WARNING: file '/etc/openvpn/client.key' is group or others accessible
Fri Mar 25 12:44:47 2011 us=374998 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Fri Mar 25 12:44:47 2011 us=520548 Control Channel MTU parms [ L:1575 D:140 EF:40 EB:0 ET:0 EL:0 ]
Fri Mar 25 12:44:47 2011 us=520679 Socket Buffers: R=[87380->131072] S=[16384->131072]
Fri Mar 25 12:44:47 2011 us=521167 Data Channel MTU parms [ L:1575 D:1450 EF:43 EB:4 ET:32 EL:0 ]
Fri Mar 25 12:44:47 2011 us=521219 Local Options String: 'V4,dev-type tap,link-mtu 1575,tun-mtu 1532,proto TCPv4_CLIENT,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Fri Mar 25 12:44:47 2011 us=521244 Expected Remote Options String: 'V4,dev-type tap,link-mtu 1575,tun-mtu 1532,proto TCPv4_SERVER,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Fri Mar 25 12:44:47 2011 us=521297 Local Options hash (VER=V4): '10f35004'
Fri Mar 25 12:44:47 2011 us=521329 Expected Remote Options hash (VER=V4): 'a917298a'
Fri Mar 25 12:44:47 2011 us=521367 Attempting to establish TCP connection with [AF_INET]127.0.0.1:3128 [nonblock]
Fri Mar 25 12:44:47 2011 us=521486 TCP connection established with [AF_INET]127.0.0.1:3128
Fri Mar 25 12:44:47 2011 us=521534 Send to HTTP proxy: 'CONNECT xxxxxxxx.blabla-bla.net:443 HTTP/1.0'
Fri Mar 25 12:44:47 2011 us=633445 HTTP proxy returned: 'HTTP/1.1 200 Connection established'
Fri Mar 25 12:44:49 2011 us=635746 TCPv4_CLIENT link local: [undef]
Fri Mar 25 12:44:49 2011 us=635818 TCPv4_CLIENT link remote: [AF_INET]127.0.0.1:3128
WRFri Mar 25 12:44:49 2011 us=697073 TLS: Initial packet from [AF_INET]127.0.0.1:3128, sid=93c17dfa 985aa7b1
WWRWRRRWWRWRWRRWWRWRWRFri Mar 25 12:44:50 2011 us=654650 VERIFY OK: depth=1, /C=IT/ST=MI/L=Milano/O=any-company-org/CN=server/emailAddress=myemail@gmail.com
Fri Mar 25 12:44:50 2011 us=655114 VERIFY OK: nsCertType=SERVER
Fri Mar 25 12:44:50 2011 us=655142 VERIFY OK: depth=0, /C=IT/ST=MI/L=Milano/O=any-company-org/CN=server/emailAddress=myemail@gmail.com
RWWRWRWRRWWWWWRWRRRWWWRWRWRRWWFri Mar 25 12:44:51 2011 us=359945 Connection reset, restarting [0]
Fri Mar 25 12:44:51 2011 us=360134 TCP/UDP: Closing socket

Last edited by ray.rick.mini on Sat Mar 26, 2011 11:20; edited 1 time in total
Back to top View user's profile Send private message
Sponsor
nicolasdiogo
DD-WRT Novice


Joined: 15 Feb 2011
Posts: 22
PostPosted: Fri Mar 25, 2011 16:10    Post subject: Reply with quote
i use a linux (openvpn) behind dd-wrt and it is just fine.

remember to enable vpn pass-through (should be done as default - i think)


Nicolas

BrainPowered.net
Back to top View user's profile Send private message
Sash
DD-WRT Guru


Joined: 20 Sep 2006
Posts: 17619
Location: Hesse/Germany
PostPosted: Fri Mar 25, 2011 18:38    Post subject: Reply with quote
u will always have problems to pass a proxy. but your info is insufficient
_________________
Forum Guidelines...How to get help
&
Forum Rules
&
RTFM/STFW
&
Throw some buzzwords into the WIKI search Exclamation
_________________
I'm NOT rude, just offer pure facts!
_________________
Atheros (TP-Link & Clones, etc ) debrick service in EU
_________________
Guide on HowTo be Safe, Secure and Protect Your Online Anonymity!
Back to top View user's profile Send private message
ray.rick.mini
DD-WRT Novice


Joined: 16 Mar 2011
Posts: 31
PostPosted: Fri Mar 25, 2011 20:53    Post subject: Reply with quote
Sash wrote:
u will always have problems to pass a proxy. but your info is insufficient

I m lucky, It doesn't seems a proxy issue. I got the same error, using a test-machine connected directly to internet.
It seems a TLS autentication problem.

here is server output verb 8:

20110325 21:48:44 MULTI: multi_create_instance called
20110325 21:48:44 I Re-using SSL/TLS context
20110325 21:48:44 Control Channel MTU parms [ L:1575 D:140 EF:40 EB:0 ET:0 EL:0 ]
20110325 21:48:44 Data Channel MTU parms [ L:1575 D:1450 EF:43 EB:4 ET:32 EL:0 ]
20110325 21:48:44 I TCP connection established with 192.168.1.3:56885
20110325 21:48:44 Socket Buffers: R=[65534->65534] S=[65534->65534]
20110325 21:48:44 I TCPv4_SERVER link local: [undef]
20110325 21:48:44 I TCPv4_SERVER link remote: 192.168.1.3:56885
20110325 21:48:44 D 192.168.1.3:56885 TCPv4_SERVER READ [14] from 192.168.1.3:56885: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
20110325 21:48:44 192.168.1.3:56885 TLS: Initial packet from 192.168.1.3:56885 sid=39c8ba99 0fb068ea
20110325 21:48:44 D 192.168.1.3:56885 TCPv4_SERVER WRITE [26] to 192.168.1.3:56885: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 [ 0 ] pid=0 DATA len=0
20110325 21:48:44 D 192.168.1.3:56885 TCPv4_SERVER READ [22] from 192.168.1.3:56885: P_ACK_V1 kid=0 [ 0 ]
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [108] from 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ ] pid=1 DATA len=94
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER WRITE [126] to 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ 1 ] pid=1 DATA len=100
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER WRITE [114] to 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ ] pid=2 DATA len=100
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER WRITE [114] to 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ ] pid=3 DATA len=100
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER WRITE [114] to 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ ] pid=4 DATA len=100
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [22] from 192.168.1.3:56885: P_ACK_V1 kid=0 [ 1 ]
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER WRITE [114] to 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ ] pid=5 DATA len=100
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [22] from 192.168.1.3:56885: P_ACK_V1 kid=0 [ 2 ]
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER WRITE [114] to 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ ] pid=6 DATA len=100
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [22] from 192.168.1.3:56885: P_ACK_V1 kid=0 [ 3 ]
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER WRITE [114] to 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ ] pid=7 DATA len=100
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [22] from 192.168.1.3:56885: P_ACK_V1 kid=0 [ 4 ]
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER WRITE [114] to 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ ] pid=8 DATA len=100
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [22] from 192.168.1.3:56885: P_ACK_V1 kid=0 [ 5 ]
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER WRITE [114] to 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ ] pid=9 DATA len=100
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [22] from 192.168.1.3:56885: P_ACK_V1 kid=0 [ 6 ]
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER WRITE [114] to 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ ] pid=10 DATA len=100
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [22] from 192.168.1.3:56885: P_ACK_V1 kid=0 [ 7 ]
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER WRITE [114] to 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ ] pid=11 DATA len=100
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [22] from 192.168.1.3:56885: P_ACK_V1 kid=0 [ 8 ]
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER WRITE [114] to 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ ] pid=12 DATA len=100
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [22] from 192.168.1.3:56885: P_ACK_V1 kid=0 [ 9 ]
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER WRITE [114] to 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ ] pid=13 DATA len=100
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [22] from 192.168.1.3:56885: P_ACK_V1 kid=0 [ 10 ]
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER WRITE [114] to 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ ] pid=14 DATA len=100
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [22] from 192.168.1.3:56885: P_ACK_V1 kid=0 [ 11 ]
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER WRITE [114] to 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ ] pid=15 DATA len=100
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [22] from 192.168.1.3:56885: P_ACK_V1 kid=0 [ 12 ]
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER WRITE [100] to 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ ] pid=16 DATA len=86
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [22] from 192.168.1.3:56885: P_ACK_V1 kid=0 [ 13 ]
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [22] from 192.168.1.3:56885: P_ACK_V1 kid=0 [ 14 ]
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [22] from 192.168.1.3:56885: P_ACK_V1 kid=0 [ 15 ]
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [126] from 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ 16 ] pid=2 DATA len=100
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER WRITE [22] to 192.168.1.3:56885: P_ACK_V1 kid=0 [ 2 ]
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [114] from 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ ] pid=3 DATA len=100
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER WRITE [22] to 192.168.1.3:56885: P_ACK_V1 kid=0 [ 3 ]
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [114] from 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ ] pid=4 DATA len=100
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER WRITE [22] to 192.168.1.3:56885: P_ACK_V1 kid=0 [ 4 ]
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [114] from 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ ] pid=5 DATA len=100
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER WRITE [22] to 192.168.1.3:56885: P_ACK_V1 kid=0 [ 5 ]
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [114] from 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ ] pid=6 DATA len=100
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER WRITE [22] to 192.168.1.3:56885: P_ACK_V1 kid=0 [ 6 ]
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [114] from 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ ] pid=7 DATA len=100
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER WRITE [22] to 192.168.1.3:56885: P_ACK_V1 kid=0 [ 7 ]
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [114] from 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ ] pid=8 DATA len=100
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER WRITE [22] to 192.168.1.3:56885: P_ACK_V1 kid=0 [ 8 ]
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [114] from 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ ] pid=9 DATA len=100
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER WRITE [22] to 192.168.1.3:56885: P_ACK_V1 kid=0 [ 9 ]
20110325 21:48:45 D 192.168.1.3:56885 TCPv4_SERVER READ [114] from 192.168.1.3:56885: P_CONTROL_V1 kid=0 [ ] pid=10 DATA len=100
20110325 21:48:45 N 192.168.1.3:56885 VERIFY ERROR: depth=0 error=unable to get local issuer certificate: /C=KG/ST=NA/O=OpenVPN-TEST/CN=Test-Client/emailAddress=me@myhost.mydomain
20110325 21:48:45 N 192.168.1.3:56885 TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:lib(20):func(137):reason(178)
20110325 21:48:45 N 192.168.1.3:56885 TLS Error: TLS object -> incoming plaintext read error
20110325 21:48:45 N 192.168.1.3:56885 TLS Error: TLS handshake failed
20110325 21:48:45 N 192.168.1.3:56885 Fatal TLS error (check_tls_errors_co) restarting
20110325 21:48:45 192.168.1.3:56885 SIGUSR1[soft tls-error] received client-instance restarting
20110325 21:48:45 TCP/UDP: Closing socket

I ll try to find a solution in the forum.Any other help is still apreciated!
Thanks!

EDIT I post both client and server conf.

------
mode server
verb 8
proto tcp
port 1194
dev tap0
server-bridge 192.168.10.1 255.255.255.0 192.168.10.200 192.168.10.205
keepalive 10 120
daemon
client-to-client
management localhost 5001
dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
cert /tmp/openvpn/cert.pem
key /tmp/openvpn/key.pem
-----
remote 192.168.1.2 1194
client
dev tap0
proto tcp
resolv-retry infinite
nobind
persist-key
persist-tun
float
verb 4
ca ca.crt
cert client.crt
key client.key
script-security 2 execve
ns-cert-type server
Back to top View user's profile Send private message
ray.rick.mini
DD-WRT Novice


Joined: 16 Mar 2011
Posts: 31
PostPosted: Sat Mar 26, 2011 11:18    Post subject: Reply with quote
I resolved the issue.
I followed "VPN (the easy way) v24+" to create all needed certificate on a linux machine with openvpn 2.1 package.
Two of the script used for cert generation asked me for a passphrase.
First time, I entered it and VPN auth doesn't work.
Second time, I rebuild certs w/o passpharase and vpn works.
Maybe server and client .conf need some other parameters for supporting cert with passphrase?
I suggest to update the wiki specifing to not enter the passphrase, for the "standard" configuration.
Thanks!
Back to top View user's profile Send private message
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum